Red Hat 9041 Published by

A mysql:8.0 security, bug fix, and enhancement update has been released for Red Hat Enterprise Linux 8.



RHSA-2021:3590-01: Moderate: mysql:8.0 security, bug fix, and enhancement update



=====================================================================
Red Hat Security Advisory

Synopsis: Moderate: mysql:8.0 security, bug fix, and enhancement update
Advisory ID: RHSA-2021:3590-01
Product: Red Hat Enterprise Linux
Advisory URL:   https://access.redhat.com/errata/RHSA-2021:3590
Issue date: 2021-09-21
CVE Names: CVE-2020-14672 CVE-2020-14765 CVE-2020-14769
CVE-2020-14773 CVE-2020-14775 CVE-2020-14776
CVE-2020-14777 CVE-2020-14785 CVE-2020-14786
CVE-2020-14789 CVE-2020-14790 CVE-2020-14791
CVE-2020-14793 CVE-2020-14794 CVE-2020-14800
CVE-2020-14804 CVE-2020-14809 CVE-2020-14812
CVE-2020-14814 CVE-2020-14821 CVE-2020-14828
CVE-2020-14829 CVE-2020-14830 CVE-2020-14836
CVE-2020-14837 CVE-2020-14838 CVE-2020-14839
CVE-2020-14844 CVE-2020-14845 CVE-2020-14846
CVE-2020-14848 CVE-2020-14852 CVE-2020-14860
CVE-2020-14861 CVE-2020-14866 CVE-2020-14867
CVE-2020-14868 CVE-2020-14870 CVE-2020-14873
CVE-2020-14888 CVE-2020-14891 CVE-2020-14893
CVE-2021-2001 CVE-2021-2002 CVE-2021-2010
CVE-2021-2011 CVE-2021-2021 CVE-2021-2022
CVE-2021-2024 CVE-2021-2028 CVE-2021-2030
CVE-2021-2031 CVE-2021-2032 CVE-2021-2036
CVE-2021-2038 CVE-2021-2042 CVE-2021-2046
CVE-2021-2048 CVE-2021-2055 CVE-2021-2056
CVE-2021-2058 CVE-2021-2060 CVE-2021-2061
CVE-2021-2065 CVE-2021-2070 CVE-2021-2072
CVE-2021-2076 CVE-2021-2081 CVE-2021-2087
CVE-2021-2088 CVE-2021-2122 CVE-2021-2146
CVE-2021-2164 CVE-2021-2166 CVE-2021-2169
CVE-2021-2170 CVE-2021-2171 CVE-2021-2172
CVE-2021-2174 CVE-2021-2178 CVE-2021-2179
CVE-2021-2180 CVE-2021-2193 CVE-2021-2194
CVE-2021-2196 CVE-2021-2201 CVE-2021-2202
CVE-2021-2203 CVE-2021-2208 CVE-2021-2212
CVE-2021-2213 CVE-2021-2215 CVE-2021-2217
CVE-2021-2226 CVE-2021-2230 CVE-2021-2232
CVE-2021-2278 CVE-2021-2293 CVE-2021-2298
CVE-2021-2299 CVE-2021-2300 CVE-2021-2301
CVE-2021-2304 CVE-2021-2305 CVE-2021-2307
CVE-2021-2308 CVE-2021-2339 CVE-2021-2340
CVE-2021-2342 CVE-2021-2352 CVE-2021-2354
CVE-2021-2356 CVE-2021-2357 CVE-2021-2367
CVE-2021-2370 CVE-2021-2372 CVE-2021-2374
CVE-2021-2383 CVE-2021-2384 CVE-2021-2385
CVE-2021-2387 CVE-2021-2389 CVE-2021-2390
CVE-2021-2399 CVE-2021-2402 CVE-2021-2410
CVE-2021-2412 CVE-2021-2417 CVE-2021-2418
CVE-2021-2422 CVE-2021-2424 CVE-2021-2425
CVE-2021-2426 CVE-2021-2427 CVE-2021-2429
CVE-2021-2437 CVE-2021-2440 CVE-2021-2441
CVE-2021-2444
=====================================================================

1. Summary:

An update for the mysql:8.0 module is now available for Red Hat Enterprise
Linux 8.

Red Hat Product Security has rated this update as having a security impact
of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which
gives a detailed severity rating, is available for each vulnerability from
the CVE link(s) in the References section.

2. Relevant releases/architectures:

Red Hat Enterprise Linux AppStream (v. 8) - aarch64, ppc64le, s390x, x86_64

3. Description:

MySQL is a multi-user, multi-threaded SQL database server. It consists of
the MySQL server daemon (mysqld) and many client programs and libraries.

The following packages have been upgraded to a later upstream version:
mysql (8.0.26). (BZ#1996693)

Security Fix(es):

* mysql: Server: Stored Procedure multiple vulnerabilities (CVE-2020-14672,
CVE-2021-2046, CVE-2021-2072, CVE-2021-2081, CVE-2021-2215, CVE-2021-2217,
CVE-2021-2293, CVE-2021-2304, CVE-2021-2424)

* mysql: Server: FTS multiple vulnerabilities (CVE-2020-14765,
CVE-2020-14789, CVE-2020-14804)

* mysql: Server: Optimizer multiple vulnerabilities (CVE-2020-14769,
CVE-2020-14773, CVE-2020-14777, CVE-2020-14785, CVE-2020-14793,
CVE-2020-14794, CVE-2020-14809, CVE-2020-14830, CVE-2020-14836,
CVE-2020-14837, CVE-2020-14839, CVE-2020-14845, CVE-2020-14846,
CVE-2020-14861, CVE-2020-14866, CVE-2020-14868, CVE-2020-14888,
CVE-2020-14891, CVE-2020-14893, CVE-2021-2001, CVE-2021-2021,
CVE-2021-2024, CVE-2021-2030, CVE-2021-2031, CVE-2021-2036, CVE-2021-2055,
CVE-2021-2060, CVE-2021-2065, CVE-2021-2070, CVE-2021-2076, CVE-2021-2164,
CVE-2021-2169, CVE-2021-2170, CVE-2021-2193, CVE-2021-2203, CVE-2021-2212,
CVE-2021-2213, CVE-2021-2230, CVE-2021-2278, CVE-2021-2298, CVE-2021-2299,
CVE-2021-2342, CVE-2021-2357, CVE-2021-2367, CVE-2021-2383, CVE-2021-2384,
CVE-2021-2387, CVE-2021-2410, CVE-2021-2412, CVE-2021-2418, CVE-2021-2425,
CVE-2021-2426, CVE-2021-2427, CVE-2021-2437, CVE-2021-2441, CVE-2021-2444)

* mysql: InnoDB multiple vulnerabilities (CVE-2020-14775, CVE-2020-14776,
CVE-2020-14821, CVE-2020-14829, CVE-2020-14848, CVE-2021-2022,
CVE-2021-2028, CVE-2021-2048, CVE-2021-2174, CVE-2021-2180, CVE-2021-2194,
CVE-2021-2372, CVE-2021-2374, CVE-2021-2389, CVE-2021-2390, CVE-2021-2429,
CVE-2020-14791, CVE-2021-2042)

* mysql: Server: PS multiple vulnerabilities (CVE-2020-14786,
CVE-2020-14790, CVE-2020-14844, CVE-2021-2422)

* mysql: Server: Security multiple vulnerabilities (CVE-2020-14800,
CVE-2020-14838, CVE-2020-14860)

* mysql: Server: Locking multiple vulnerabilities (CVE-2020-14812,
CVE-2021-2058, CVE-2021-2402)

* mysql: Server: DML multiple vulnerabilities (CVE-2020-14814,
CVE-2020-14828, CVE-2021-2056, CVE-2021-2087, CVE-2021-2088, CVE-2021-2166,
CVE-2021-2172, CVE-2021-2196, CVE-2021-2300, CVE-2021-2305, CVE-2021-2370,
CVE-2021-2440)

* mysql: Server: Charsets unspecified vulnerability (CVE-2020-14852)

* mysql: Server: DDL multiple vulnerabilities (CVE-2020-14867,
CVE-2021-2061, CVE-2021-2122, CVE-2021-2339, CVE-2021-2352, CVE-2021-2399)

* mysql: Server: X Plugin unspecified vulnerability (CVE-2020-14870)

* mysql: Server: Logging unspecified vulnerability (CVE-2020-14873)

* mysql: Server: Replication multiple vulnerabilities (CVE-2021-2002,
CVE-2021-2171, CVE-2021-2178, CVE-2021-2202, CVE-2021-2356, CVE-2021-2385)

* mysql: C API multiple vulnerabilities (CVE-2021-2010, CVE-2021-2011)

* mysql: Server: Components Services unspecified vulnerability
(CVE-2021-2038)

* mysql: Server: Options unspecified vulnerability (CVE-2021-2146)

* mysql: Server: Group Replication Plugin multiple vulnerabilities
(CVE-2021-2179, CVE-2021-2232)

* mysql: Server: Partition multiple vulnerabilities (CVE-2021-2201,
CVE-2021-2208)

* mysql: Server: Information Schema multiple vulnerabilities
(CVE-2021-2032, CVE-2021-2226, CVE-2021-2301, CVE-2021-2308)

* mysql: Server: Packaging unspecified vulnerability (CVE-2021-2307)

* mysql: Server: Federated unspecified vulnerability (CVE-2021-2354)

* mysql: Server: GIS unspecified vulnerability (CVE-2021-2417)

* mysql: Server: Memcached unspecified vulnerability (CVE-2021-2340)

For more details about the security issue(s), including the impact, a CVSS
score, acknowledgments, and other related information, refer to the CVE
page(s) listed in the References section.

Bug Fix(es):

* Segfault and possible DoS with a crafted query (BZ#1996699)

4. Solution:

For details on how to apply this update, which includes the changes
described in this advisory, refer to:

  https://access.redhat.com/articles/11258

After installing this update, the MySQL server daemon (mysqld) will be
restarted automatically.

5. Bugs fixed (  https://bugzilla.redhat.com/):

1890737 - CVE-2020-14672 mysql: Server: Stored Procedure unspecified vulnerability (CPU Oct 2020)
1890738 - CVE-2020-14765 mysql: Server: FTS unspecified vulnerability (CPU Oct 2020)
1890739 - CVE-2020-14769 mysql: Server: Optimizer unspecified vulnerability (CPU Oct 2020)
1890742 - CVE-2020-14773 mysql: Server: Optimizer unspecified vulnerability (CPU Oct 2020)
1890743 - CVE-2020-14776 mysql: InnoDB unspecified vulnerability (CPU Oct 2020)
1890744 - CVE-2020-14777 mysql: Server: Optimizer unspecified vulnerability (CPU Oct 2020)
1890745 - CVE-2020-14785 mysql: Server: Optimizer unspecified vulnerability (CPU Oct 2020)
1890746 - CVE-2020-14786 mysql: Server: PS unspecified vulnerability (CPU Oct 2020)
1890747 - CVE-2020-14789 mysql: Server: FTS unspecified vulnerability (CPU Oct 2020)
1890748 - CVE-2020-14790 mysql: Server: PS unspecified vulnerability (CPU Oct 2020)
1890749 - CVE-2020-14791 mysql: InnoDB unspecified vulnerability (CPU Oct 2020)
1890750 - CVE-2020-14793 mysql: Server: Optimizer unspecified vulnerability (CPU Oct 2020)
1890751 - CVE-2020-14794 mysql: Server: Optimizer unspecified vulnerability (CPU Oct 2020)
1890753 - CVE-2020-14800 mysql: Server: Security: Encryption unspecified vulnerability (CPU Oct 2020)
1890754 - CVE-2020-14804 mysql: Server: FTS unspecified vulnerability (CPU Oct 2020)
1890755 - CVE-2020-14809 mysql: Server: Optimizer unspecified vulnerability (CPU Oct 2020)
1890756 - CVE-2020-14812 mysql: Server: Locking unspecified vulnerability (CPU Oct 2020)
1890757 - CVE-2020-14814 mysql: Server: DML unspecified vulnerability (CPU Oct 2020)
1890758 - CVE-2020-14821 mysql: InnoDB unspecified vulnerability (CPU Oct 2020)
1890760 - CVE-2020-14828 mysql: Server: DML unspecified vulnerability (CPU Oct 2020)
1890761 - CVE-2020-14829 mysql: InnoDB unspecified vulnerability (CPU Oct 2020)
1890762 - CVE-2020-14830 mysql: Server: Optimizer unspecified vulnerability (CPU Oct 2020)
1890763 - CVE-2020-14836 mysql: Server: Optimizer unspecified vulnerability (CPU Oct 2020)
1890764 - CVE-2020-14837 mysql: Server: Optimizer unspecified vulnerability (CPU Oct 2020)
1890765 - CVE-2020-14838 mysql: Server: Security: Privileges unspecified vulnerability (CPU Oct 2020)
1890766 - CVE-2020-14839 mysql: Server: Optimizer unspecified vulnerability (CPU Oct 2020)
1890767 - CVE-2020-14844 mysql: Server: PS unspecified vulnerability (CPU Oct 2020)
1890768 - CVE-2020-14845 mysql: Server: Optimizer unspecified vulnerability (CPU Oct 2020)
1890769 - CVE-2020-14846 mysql: Server: Optimizer unspecified vulnerability (CPU Oct 2020)
1890770 - CVE-2020-14848 mysql: InnoDB unspecified vulnerability (CPU Oct 2020)
1890771 - CVE-2020-14852 mysql: Server: Charsets unspecified vulnerability (CPU Oct 2020)
1890772 - CVE-2020-14860 mysql: Server: Security: Roles unspecified vulnerability (CPU Oct 2020)
1890773 - CVE-2020-14861 mysql: Server: Optimizer unspecified vulnerability (CPU Oct 2020)
1890774 - CVE-2020-14866 mysql: Server: Optimizer unspecified vulnerability (CPU Oct 2020)
1890775 - CVE-2020-14867 mysql: Server: DDL unspecified vulnerability (CPU Oct 2020)
1890776 - CVE-2020-14868 mysql: Server: Optimizer unspecified vulnerability (CPU Oct 2020)
1890778 - CVE-2020-14870 mysql: Server: X Plugin unspecified vulnerability (CPU Oct 2020)
1890779 - CVE-2020-14873 mysql: Server: Logging unspecified vulnerability (CPU Oct 2020)
1890781 - CVE-2020-14888 mysql: Server: Optimizer unspecified vulnerability (CPU Oct 2020)
1890782 - CVE-2020-14891 mysql: Server: Optimizer unspecified vulnerability (CPU Oct 2020)
1890783 - CVE-2020-14893 mysql: Server: Optimizer unspecified vulnerability (CPU Oct 2020)
1890784 - CVE-2020-14775 mysql: InnoDB unspecified vulnerability (CPU Oct 2020)
1922379 - CVE-2021-2001 mysql: Server: Optimizer unspecified vulnerability (CPU Jan 2021)
1922380 - CVE-2021-2002 mysql: Server: Replication unspecified vulnerability (CPU Jan 2021)
1922383 - CVE-2021-2010 mysql: C API unspecified vulnerability (CPU Jan 2021)
1922384 - CVE-2021-2011 mysql: C API unspecified vulnerability (CPU Jan 2021)
1922388 - CVE-2021-2021 mysql: Server: Optimizer unspecified vulnerability (CPU Jan 2021)
1922389 - CVE-2021-2022 mysql: InnoDB unspecified vulnerability (CPU Jan 2021)
1922390 - CVE-2021-2024 mysql: Server: Optimizer unspecified vulnerability (CPU Jan 2021)
1922391 - CVE-2021-2028 mysql: InnoDB unspecified vulnerability (CPU Jan 2021)
1922392 - CVE-2021-2030 mysql: Server: Optimizer unspecified vulnerability (CPU Jan 2021)
1922393 - CVE-2021-2031 mysql: Server: Optimizer unspecified vulnerability (CPU Jan 2021)
1922394 - CVE-2021-2032 mysql: Information Schema unspecified vulnerability (CPU Jan 2021)
1922395 - CVE-2021-2036 mysql: Server: Optimizer unspecified vulnerability (CPU Jan 2021)
1922396 - CVE-2021-2038 mysql: Server: Components Services unspecified vulnerability (CPU Jan 2021)
1922397 - CVE-2021-2042 mysql: InnoDB unspecified vulnerability (CPU Jan 2021)
1922398 - CVE-2021-2046 mysql: Server: Stored Procedure unspecified vulnerability (CPU Jan 2021)
1922399 - CVE-2021-2048 mysql: InnoDB unspecified vulnerability (CPU Jan 2021)
1922400 - CVE-2021-2055 mysql: Server: Optimizer unspecified vulnerability (CPU Jan 2021)
1922401 - CVE-2021-2058 mysql: Server: Locking unspecified vulnerability (CPU Jan 2021)
1922402 - CVE-2021-2060 mysql: Server: Optimizer unspecified vulnerability (CPU Jan 2021)
1922403 - CVE-2021-2061 mysql: Server: DDL unspecified vulnerability (CPU Jan 2021)
1922404 - CVE-2021-2065 mysql: Server: Optimizer unspecified vulnerability (CPU Jan 2021)
1922405 - CVE-2021-2070 mysql: Server: Optimizer unspecified vulnerability (CPU Jan 2021)
1922406 - CVE-2021-2072 mysql: Server: Stored Procedure unspecified vulnerability (CPU Jan 2021)
1922407 - CVE-2021-2076 mysql: Server: Optimizer unspecified vulnerability (CPU Jan 2021)
1922408 - CVE-2021-2087 mysql: Server: DML unspecified vulnerability (CPU Jan 2021)
1922410 - CVE-2021-2088 mysql: Server: DML unspecified vulnerability (CPU Jan 2021)
1922411 - CVE-2021-2122 mysql: Server: DDL unspecified vulnerability (CPU Jan 2021)
1922416 - CVE-2021-2081 mysql: Server: Stored Procedure unspecified vulnerability (CPU Jan 2021)
1922419 - CVE-2021-2056 mysql: Server: DML unspecified vulnerability (CPU Jan 2021)
1951751 - CVE-2021-2146 mysql: Server: Options unspecified vulnerability (CPU Apr 2021)
1951754 - CVE-2021-2164 mysql: Server: Optimizer unspecified vulnerability (CPU Apr 2021)
1951755 - CVE-2021-2166 mysql: Server: DML unspecified vulnerability (CPU Apr 2021)
1951756 - CVE-2021-2169 mysql: Server: Optimizer unspecified vulnerability (CPU Apr 2021)
1951757 - CVE-2021-2170 mysql: Server: Optimizer unspecified vulnerability (CPU Apr 2021)
1951758 - CVE-2021-2171 mysql: Server: Replication unspecified vulnerability (CPU Apr 2021)
1951759 - CVE-2021-2172 mysql: Server: DML unspecified vulnerability (CPU Apr 2021)
1951760 - CVE-2021-2178 mysql: Server: Replication unspecified vulnerability (CPU Apr 2021)
1951761 - CVE-2021-2179 mysql: Server: Group Replication Plugin unspecified vulnerability (CPU Apr 2021)
1951762 - CVE-2021-2180 mysql: InnoDB unspecified vulnerability (CPU Apr 2021)
1951763 - CVE-2021-2193 mysql: Server: Optimizer unspecified vulnerability (CPU Apr 2021)
1951764 - CVE-2021-2194 mysql: InnoDB unspecified vulnerability (CPU Apr 2021)
1951765 - CVE-2021-2196 mysql: Server: DML unspecified vulnerability (CPU Apr 2021)
1951766 - CVE-2021-2201 mysql: Server: Partition unspecified vulnerability (CPU Apr 2021)
1951767 - CVE-2021-2202 mysql: Server: Replication unspecified vulnerability (CPU Apr 2021)
1951768 - CVE-2021-2203 mysql: Server: Optimizer unspecified vulnerability (CPU Apr 2021)
1951769 - CVE-2021-2208 mysql: Server: Partition unspecified vulnerability (CPU Apr 2021)
1951770 - CVE-2021-2212 mysql: Server: Optimizer unspecified vulnerability (CPU Apr 2021)
1951771 - CVE-2021-2213 mysql: Server: Optimizer unspecified vulnerability (CPU Apr 2021)
1951772 - CVE-2021-2215 mysql: Server: Stored Procedure unspecified vulnerability (CPU Apr 2021)
1951773 - CVE-2021-2217 mysql: Server: Stored Procedure unspecified vulnerability (CPU Apr 2021)
1951774 - CVE-2021-2226 mysql: Server: Information Schema unspecified vulnerability (CPU Apr 2021)
1951775 - CVE-2021-2230 mysql: Server: Optimizer unspecified vulnerability (CPU Apr 2021)
1951776 - CVE-2021-2232 mysql: Server: Group Replication Plugin unspecified vulnerability (CPU Apr 2021)
1951777 - CVE-2021-2278 mysql: Server: Optimizer unspecified vulnerability (CPU Apr 2021)
1951778 - CVE-2021-2293 mysql: Server: Stored Procedure unspecified vulnerability (CPU Apr 2021)
1951779 - CVE-2021-2298 mysql: Server: Optimizer unspecified vulnerability (CPU Apr 2021)
1951780 - CVE-2021-2299 mysql: Server: Optimizer unspecified vulnerability (CPU Apr 2021)
1951781 - CVE-2021-2300 mysql: Server: DML unspecified vulnerability (CPU Apr 2021)
1951782 - CVE-2021-2301 mysql: Server: Information Schema unspecified vulnerability (CPU Apr 2021)
1951783 - CVE-2021-2304 mysql: Server: Stored Procedure unspecified vulnerability (CPU Apr 2021)
1951784 - CVE-2021-2305 mysql: Server: DML unspecified vulnerability (CPU Apr 2021)
1951785 - CVE-2021-2307 mysql: Server: Packaging unspecified vulnerability (CPU Apr 2021)
1951786 - CVE-2021-2308 mysql: Server: Information Schema unspecified vulnerability (CPU Apr 2021)
1952802 - CVE-2021-2174 mysql: InnoDB unspecified vulnerability (CPU Apr 2021)
1992279 - CVE-2021-2340 mysql: Server: Memcached unspecified vulnerability (CPU Jul 2021)
1992280 - CVE-2021-2339 mysql: Server: DDL unspecified vulnerability (CPU Jul 2021)
1992294 - CVE-2021-2342 mysql: Server: Optimizer unspecified vulnerability (CPU Jul 2021)
1992297 - CVE-2021-2352 mysql: Server: DDL unspecified vulnerability (CPU Jul 2021)
1992298 - CVE-2021-2354 mysql: Server: Federated unspecified vulnerability (CPU Jul 2021)
1992299 - CVE-2021-2356 mysql: Server: Replication unspecified vulnerability (CPU Jul 2021)
1992300 - CVE-2021-2357 mysql: Server: Optimizer unspecified vulnerability (CPU Jul 2021)
1992301 - CVE-2021-2367 mysql: Server: Optimizer unspecified vulnerability (CPU Jul 2021)
1992302 - CVE-2021-2370 mysql: Server: DML unspecified vulnerability (CPU Jul 2021)
1992303 - CVE-2021-2372 mysql: InnoDB unspecified vulnerability (CPU Jul 2021)
1992304 - CVE-2021-2374 mysql: InnoDB unspecified vulnerability (CPU Jul 2021)
1992305 - CVE-2021-2383 mysql: Server: Optimizer unspecified vulnerability (CPU Jul 2021)
1992306 - CVE-2021-2384 mysql: Server: Optimizer unspecified vulnerability (CPU Jul 2021)
1992307 - CVE-2021-2385 mysql: Server: Replication unspecified vulnerability (CPU Jul 2021)
1992308 - CVE-2021-2387 mysql: Server: Optimizer unspecified vulnerability (CPU Jul 2021)
1992309 - CVE-2021-2389 mysql: InnoDB unspecified vulnerability (CPU Jul 2021)
1992310 - CVE-2021-2390 mysql: InnoDB unspecified vulnerability (CPU Jul 2021)
1992311 - CVE-2021-2399 mysql: Server: DDL unspecified vulnerability (CPU Jul 2021)
1992312 - CVE-2021-2402 mysql: Server: Locking unspecified vulnerability (CPU Jul 2021)
1992313 - CVE-2021-2410 mysql: Server: Optimizer unspecified vulnerability (CPU Jul 2021)
1992314 - CVE-2021-2412 mysql: Server: Optimizer unspecified vulnerability (CPU Jul 2021)
1992315 - CVE-2021-2417 mysql: Server: GIS unspecified vulnerability (CPU Jul 2021)
1992316 - CVE-2021-2418 mysql: Server: Optimizer unspecified vulnerability (CPU Jul 2021)
1992317 - CVE-2021-2422 mysql: Server: PS unspecified vulnerability (CPU Jul 2021)
1992318 - CVE-2021-2424 mysql: Server: Stored Procedure unspecified vulnerability (CPU Jul 2021)
1992319 - CVE-2021-2425 mysql: Server: Optimizer unspecified vulnerability (CPU Jul 2021)
1992320 - CVE-2021-2426 mysql: Server: Optimizer unspecified vulnerability (CPU Jul 2021)
1992321 - CVE-2021-2427 mysql: Server: Optimizer unspecified vulnerability (CPU Jul 2021)
1992322 - CVE-2021-2429 mysql: InnoDB unspecified vulnerability (CPU Jul 2021)
1992323 - CVE-2021-2437 mysql: Server: Optimizer unspecified vulnerability (CPU Jul 2021)
1992324 - CVE-2021-2440 mysql: Server: DML unspecified vulnerability (CPU Jul 2021)
1992325 - CVE-2021-2441 mysql: Server: Optimizer unspecified vulnerability (CPU Jul 2021)
1992326 - CVE-2021-2444 mysql: Server: Optimizer unspecified vulnerability (CPU Jul 2021)
1996693 - Tracker: MySQL rebase to the latest version (8.0.26) [rhel-8.4.0.z]
1996699 - Segfault and possible DoS with a crafted query [rhel-8.4.0.z]

6. Package List:

Red Hat Enterprise Linux AppStream (v. 8):

Source:
mecab-0.996-1.module+el8.0.0+3898+e09bb8de.9.src.rpm
mecab-ipadic-2.7.0.20070801-16.module+el8.0.0+3898+e09bb8de.src.rpm
mysql-8.0.26-1.module+el8.4.0+12359+b8928c02.src.rpm

aarch64:
mecab-0.996-1.module+el8.0.0+3898+e09bb8de.9.aarch64.rpm
mecab-debuginfo-0.996-1.module+el8.0.0+3898+e09bb8de.9.aarch64.rpm
mecab-debugsource-0.996-1.module+el8.0.0+3898+e09bb8de.9.aarch64.rpm
mecab-ipadic-2.7.0.20070801-16.module+el8.0.0+3898+e09bb8de.aarch64.rpm
mecab-ipadic-EUCJP-2.7.0.20070801-16.module+el8.0.0+3898+e09bb8de.aarch64.rpm
mysql-8.0.26-1.module+el8.4.0+12359+b8928c02.aarch64.rpm
mysql-common-8.0.26-1.module+el8.4.0+12359+b8928c02.aarch64.rpm
mysql-debuginfo-8.0.26-1.module+el8.4.0+12359+b8928c02.aarch64.rpm
mysql-debugsource-8.0.26-1.module+el8.4.0+12359+b8928c02.aarch64.rpm
mysql-devel-8.0.26-1.module+el8.4.0+12359+b8928c02.aarch64.rpm
mysql-devel-debuginfo-8.0.26-1.module+el8.4.0+12359+b8928c02.aarch64.rpm
mysql-errmsg-8.0.26-1.module+el8.4.0+12359+b8928c02.aarch64.rpm
mysql-libs-8.0.26-1.module+el8.4.0+12359+b8928c02.aarch64.rpm
mysql-libs-debuginfo-8.0.26-1.module+el8.4.0+12359+b8928c02.aarch64.rpm
mysql-server-8.0.26-1.module+el8.4.0+12359+b8928c02.aarch64.rpm
mysql-server-debuginfo-8.0.26-1.module+el8.4.0+12359+b8928c02.aarch64.rpm
mysql-test-8.0.26-1.module+el8.4.0+12359+b8928c02.aarch64.rpm
mysql-test-debuginfo-8.0.26-1.module+el8.4.0+12359+b8928c02.aarch64.rpm

ppc64le:
mecab-0.996-1.module+el8.0.0+3898+e09bb8de.9.ppc64le.rpm
mecab-debuginfo-0.996-1.module+el8.0.0+3898+e09bb8de.9.ppc64le.rpm
mecab-debugsource-0.996-1.module+el8.0.0+3898+e09bb8de.9.ppc64le.rpm
mecab-ipadic-2.7.0.20070801-16.module+el8.0.0+3898+e09bb8de.ppc64le.rpm
mecab-ipadic-EUCJP-2.7.0.20070801-16.module+el8.0.0+3898+e09bb8de.ppc64le.rpm
mysql-8.0.26-1.module+el8.4.0+12359+b8928c02.ppc64le.rpm
mysql-common-8.0.26-1.module+el8.4.0+12359+b8928c02.ppc64le.rpm
mysql-debuginfo-8.0.26-1.module+el8.4.0+12359+b8928c02.ppc64le.rpm
mysql-debugsource-8.0.26-1.module+el8.4.0+12359+b8928c02.ppc64le.rpm
mysql-devel-8.0.26-1.module+el8.4.0+12359+b8928c02.ppc64le.rpm
mysql-devel-debuginfo-8.0.26-1.module+el8.4.0+12359+b8928c02.ppc64le.rpm
mysql-errmsg-8.0.26-1.module+el8.4.0+12359+b8928c02.ppc64le.rpm
mysql-libs-8.0.26-1.module+el8.4.0+12359+b8928c02.ppc64le.rpm
mysql-libs-debuginfo-8.0.26-1.module+el8.4.0+12359+b8928c02.ppc64le.rpm
mysql-server-8.0.26-1.module+el8.4.0+12359+b8928c02.ppc64le.rpm
mysql-server-debuginfo-8.0.26-1.module+el8.4.0+12359+b8928c02.ppc64le.rpm
mysql-test-8.0.26-1.module+el8.4.0+12359+b8928c02.ppc64le.rpm
mysql-test-debuginfo-8.0.26-1.module+el8.4.0+12359+b8928c02.ppc64le.rpm

s390x:
mecab-0.996-1.module+el8.0.0+3898+e09bb8de.9.s390x.rpm
mecab-debuginfo-0.996-1.module+el8.0.0+3898+e09bb8de.9.s390x.rpm
mecab-debugsource-0.996-1.module+el8.0.0+3898+e09bb8de.9.s390x.rpm
mecab-ipadic-2.7.0.20070801-16.module+el8.0.0+3898+e09bb8de.s390x.rpm
mecab-ipadic-EUCJP-2.7.0.20070801-16.module+el8.0.0+3898+e09bb8de.s390x.rpm
mysql-8.0.26-1.module+el8.4.0+12359+b8928c02.s390x.rpm
mysql-common-8.0.26-1.module+el8.4.0+12359+b8928c02.s390x.rpm
mysql-debuginfo-8.0.26-1.module+el8.4.0+12359+b8928c02.s390x.rpm
mysql-debugsource-8.0.26-1.module+el8.4.0+12359+b8928c02.s390x.rpm
mysql-devel-8.0.26-1.module+el8.4.0+12359+b8928c02.s390x.rpm
mysql-devel-debuginfo-8.0.26-1.module+el8.4.0+12359+b8928c02.s390x.rpm
mysql-errmsg-8.0.26-1.module+el8.4.0+12359+b8928c02.s390x.rpm
mysql-libs-8.0.26-1.module+el8.4.0+12359+b8928c02.s390x.rpm
mysql-libs-debuginfo-8.0.26-1.module+el8.4.0+12359+b8928c02.s390x.rpm
mysql-server-8.0.26-1.module+el8.4.0+12359+b8928c02.s390x.rpm
mysql-server-debuginfo-8.0.26-1.module+el8.4.0+12359+b8928c02.s390x.rpm
mysql-test-8.0.26-1.module+el8.4.0+12359+b8928c02.s390x.rpm
mysql-test-debuginfo-8.0.26-1.module+el8.4.0+12359+b8928c02.s390x.rpm

x86_64:
mecab-0.996-1.module+el8.0.0+3898+e09bb8de.9.x86_64.rpm
mecab-debuginfo-0.996-1.module+el8.0.0+3898+e09bb8de.9.x86_64.rpm
mecab-debugsource-0.996-1.module+el8.0.0+3898+e09bb8de.9.x86_64.rpm
mecab-ipadic-2.7.0.20070801-16.module+el8.0.0+3898+e09bb8de.x86_64.rpm
mecab-ipadic-EUCJP-2.7.0.20070801-16.module+el8.0.0+3898+e09bb8de.x86_64.rpm
mysql-8.0.26-1.module+el8.4.0+12359+b8928c02.x86_64.rpm
mysql-common-8.0.26-1.module+el8.4.0+12359+b8928c02.x86_64.rpm
mysql-debuginfo-8.0.26-1.module+el8.4.0+12359+b8928c02.x86_64.rpm
mysql-debugsource-8.0.26-1.module+el8.4.0+12359+b8928c02.x86_64.rpm
mysql-devel-8.0.26-1.module+el8.4.0+12359+b8928c02.x86_64.rpm
mysql-devel-debuginfo-8.0.26-1.module+el8.4.0+12359+b8928c02.x86_64.rpm
mysql-errmsg-8.0.26-1.module+el8.4.0+12359+b8928c02.x86_64.rpm
mysql-libs-8.0.26-1.module+el8.4.0+12359+b8928c02.x86_64.rpm
mysql-libs-debuginfo-8.0.26-1.module+el8.4.0+12359+b8928c02.x86_64.rpm
mysql-server-8.0.26-1.module+el8.4.0+12359+b8928c02.x86_64.rpm
mysql-server-debuginfo-8.0.26-1.module+el8.4.0+12359+b8928c02.x86_64.rpm
mysql-test-8.0.26-1.module+el8.4.0+12359+b8928c02.x86_64.rpm
mysql-test-debuginfo-8.0.26-1.module+el8.4.0+12359+b8928c02.x86_64.rpm

These packages are GPG signed by Red Hat for security. Our key and
details on how to verify the signature are available from
  https://access.redhat.com/security/team/key/

7. References:

  https://access.redhat.com/security/cve/CVE-2020-14672
  https://access.redhat.com/security/cve/CVE-2020-14765
  https://access.redhat.com/security/cve/CVE-2020-14769
  https://access.redhat.com/security/cve/CVE-2020-14773
  https://access.redhat.com/security/cve/CVE-2020-14775
  https://access.redhat.com/security/cve/CVE-2020-14776
  https://access.redhat.com/security/cve/CVE-2020-14777
  https://access.redhat.com/security/cve/CVE-2020-14785
  https://access.redhat.com/security/cve/CVE-2020-14786
  https://access.redhat.com/security/cve/CVE-2020-14789
  https://access.redhat.com/security/cve/CVE-2020-14790
  https://access.redhat.com/security/cve/CVE-2020-14791
  https://access.redhat.com/security/cve/CVE-2020-14793
  https://access.redhat.com/security/cve/CVE-2020-14794
  https://access.redhat.com/security/cve/CVE-2020-14800
  https://access.redhat.com/security/cve/CVE-2020-14804
  https://access.redhat.com/security/cve/CVE-2020-14809
  https://access.redhat.com/security/cve/CVE-2020-14812
  https://access.redhat.com/security/cve/CVE-2020-14814
  https://access.redhat.com/security/cve/CVE-2020-14821
  https://access.redhat.com/security/cve/CVE-2020-14828
  https://access.redhat.com/security/cve/CVE-2020-14829
  https://access.redhat.com/security/cve/CVE-2020-14830
  https://access.redhat.com/security/cve/CVE-2020-14836
  https://access.redhat.com/security/cve/CVE-2020-14837
  https://access.redhat.com/security/cve/CVE-2020-14838
  https://access.redhat.com/security/cve/CVE-2020-14839
  https://access.redhat.com/security/cve/CVE-2020-14844
  https://access.redhat.com/security/cve/CVE-2020-14845
  https://access.redhat.com/security/cve/CVE-2020-14846
  https://access.redhat.com/security/cve/CVE-2020-14848
  https://access.redhat.com/security/cve/CVE-2020-14852
  https://access.redhat.com/security/cve/CVE-2020-14860
  https://access.redhat.com/security/cve/CVE-2020-14861
  https://access.redhat.com/security/cve/CVE-2020-14866
  https://access.redhat.com/security/cve/CVE-2020-14867
  https://access.redhat.com/security/cve/CVE-2020-14868
  https://access.redhat.com/security/cve/CVE-2020-14870
  https://access.redhat.com/security/cve/CVE-2020-14873
  https://access.redhat.com/security/cve/CVE-2020-14888
  https://access.redhat.com/security/cve/CVE-2020-14891
  https://access.redhat.com/security/cve/CVE-2020-14893
  https://access.redhat.com/security/cve/CVE-2021-2001
  https://access.redhat.com/security/cve/CVE-2021-2002
  https://access.redhat.com/security/cve/CVE-2021-2010
  https://access.redhat.com/security/cve/CVE-2021-2011
  https://access.redhat.com/security/cve/CVE-2021-2021
  https://access.redhat.com/security/cve/CVE-2021-2022
  https://access.redhat.com/security/cve/CVE-2021-2024
  https://access.redhat.com/security/cve/CVE-2021-2028
  https://access.redhat.com/security/cve/CVE-2021-2030
  https://access.redhat.com/security/cve/CVE-2021-2031
  https://access.redhat.com/security/cve/CVE-2021-2032
  https://access.redhat.com/security/cve/CVE-2021-2036
  https://access.redhat.com/security/cve/CVE-2021-2038
  https://access.redhat.com/security/cve/CVE-2021-2042
  https://access.redhat.com/security/cve/CVE-2021-2046
  https://access.redhat.com/security/cve/CVE-2021-2048
  https://access.redhat.com/security/cve/CVE-2021-2055
  https://access.redhat.com/security/cve/CVE-2021-2056
  https://access.redhat.com/security/cve/CVE-2021-2058
  https://access.redhat.com/security/cve/CVE-2021-2060
  https://access.redhat.com/security/cve/CVE-2021-2061
  https://access.redhat.com/security/cve/CVE-2021-2065
  https://access.redhat.com/security/cve/CVE-2021-2070
  https://access.redhat.com/security/cve/CVE-2021-2072
  https://access.redhat.com/security/cve/CVE-2021-2076
  https://access.redhat.com/security/cve/CVE-2021-2081
  https://access.redhat.com/security/cve/CVE-2021-2087
  https://access.redhat.com/security/cve/CVE-2021-2088
  https://access.redhat.com/security/cve/CVE-2021-2122
  https://access.redhat.com/security/cve/CVE-2021-2146
  https://access.redhat.com/security/cve/CVE-2021-2164
  https://access.redhat.com/security/cve/CVE-2021-2166
  https://access.redhat.com/security/cve/CVE-2021-2169
  https://access.redhat.com/security/cve/CVE-2021-2170
  https://access.redhat.com/security/cve/CVE-2021-2171
  https://access.redhat.com/security/cve/CVE-2021-2172
  https://access.redhat.com/security/cve/CVE-2021-2174
  https://access.redhat.com/security/cve/CVE-2021-2178
  https://access.redhat.com/security/cve/CVE-2021-2179
  https://access.redhat.com/security/cve/CVE-2021-2180
  https://access.redhat.com/security/cve/CVE-2021-2193
  https://access.redhat.com/security/cve/CVE-2021-2194
  https://access.redhat.com/security/cve/CVE-2021-2196
  https://access.redhat.com/security/cve/CVE-2021-2201
  https://access.redhat.com/security/cve/CVE-2021-2202
  https://access.redhat.com/security/cve/CVE-2021-2203
  https://access.redhat.com/security/cve/CVE-2021-2208
  https://access.redhat.com/security/cve/CVE-2021-2212
  https://access.redhat.com/security/cve/CVE-2021-2213
  https://access.redhat.com/security/cve/CVE-2021-2215
  https://access.redhat.com/security/cve/CVE-2021-2217
  https://access.redhat.com/security/cve/CVE-2021-2226
  https://access.redhat.com/security/cve/CVE-2021-2230
  https://access.redhat.com/security/cve/CVE-2021-2232
  https://access.redhat.com/security/cve/CVE-2021-2278
  https://access.redhat.com/security/cve/CVE-2021-2293
  https://access.redhat.com/security/cve/CVE-2021-2298
  https://access.redhat.com/security/cve/CVE-2021-2299
  https://access.redhat.com/security/cve/CVE-2021-2300
  https://access.redhat.com/security/cve/CVE-2021-2301
  https://access.redhat.com/security/cve/CVE-2021-2304
  https://access.redhat.com/security/cve/CVE-2021-2305
  https://access.redhat.com/security/cve/CVE-2021-2307
  https://access.redhat.com/security/cve/CVE-2021-2308
  https://access.redhat.com/security/cve/CVE-2021-2339
  https://access.redhat.com/security/cve/CVE-2021-2340
  https://access.redhat.com/security/cve/CVE-2021-2342
  https://access.redhat.com/security/cve/CVE-2021-2352
  https://access.redhat.com/security/cve/CVE-2021-2354
  https://access.redhat.com/security/cve/CVE-2021-2356
  https://access.redhat.com/security/cve/CVE-2021-2357
  https://access.redhat.com/security/cve/CVE-2021-2367
  https://access.redhat.com/security/cve/CVE-2021-2370
  https://access.redhat.com/security/cve/CVE-2021-2372
  https://access.redhat.com/security/cve/CVE-2021-2374
  https://access.redhat.com/security/cve/CVE-2021-2383
  https://access.redhat.com/security/cve/CVE-2021-2384
  https://access.redhat.com/security/cve/CVE-2021-2385
  https://access.redhat.com/security/cve/CVE-2021-2387
  https://access.redhat.com/security/cve/CVE-2021-2389
  https://access.redhat.com/security/cve/CVE-2021-2390
  https://access.redhat.com/security/cve/CVE-2021-2399
  https://access.redhat.com/security/cve/CVE-2021-2402
  https://access.redhat.com/security/cve/CVE-2021-2410
  https://access.redhat.com/security/cve/CVE-2021-2412
  https://access.redhat.com/security/cve/CVE-2021-2417
  https://access.redhat.com/security/cve/CVE-2021-2418
  https://access.redhat.com/security/cve/CVE-2021-2422
  https://access.redhat.com/security/cve/CVE-2021-2424
  https://access.redhat.com/security/cve/CVE-2021-2425
  https://access.redhat.com/security/cve/CVE-2021-2426
  https://access.redhat.com/security/cve/CVE-2021-2427
  https://access.redhat.com/security/cve/CVE-2021-2429
  https://access.redhat.com/security/cve/CVE-2021-2437
  https://access.redhat.com/security/cve/CVE-2021-2440
  https://access.redhat.com/security/cve/CVE-2021-2441
  https://access.redhat.com/security/cve/CVE-2021-2444
  https://access.redhat.com/security/updates/classification/#moderate

8. Contact:

The Red Hat security contact is . More contact
details at   https://access.redhat.com/security/team/contact/

Copyright 2021 Red Hat, Inc.